Blog

Anomali February Quarterly Product Release

Anomali will be announcing the release of the Anomali Platform, a cloud-native extended detection and response solution, among other product updates.

Joe Ariganello
February 28, 2022
Table of contents
<div data-aspectratio="1.66785714" id="experience-621cefaa34b77" style="position: relative;width: auto;padding: 0 0 59.96%;height: 0;top: 0;left: 0;bottom: 0;right: 0;margin: 0;border: 0 none"><iframe allowfullscreen="" class="ceros-experience" frameborder="0" scrolling="no" src="//view.ceros.com/anomali/novemberquarterlyreleasehighlights-2" style="position: absolute;top: 0;left: 0;bottom: 0;right: 0;margin: 0;padding: 0;border: 0 none;height: 1px;width: 1px;min-height: 100%;min-width: 100%" title="February Quarterly Release Highlights"></iframe></div> <script data-ceros-origin-domains="view.ceros.com" src="//view.ceros.com/scroll-proxy.min.js" type="text/javascript"></script> <p> </p> <p>Anomali has made its mark delivering Threat Intelligence powered detection and response with its ThreatStream, Match, and Lens portfolio. Now, we've expanded upon that leadership position by continuing to innovate and deliver the essential capabilities and XDR solutions our customers have been wanting.</p> <p>Key Highlights for this Quarter Include:</p> <ul> <li>Introducing Match in the Cloud</li> <li>Announcing The Anomali Platform</li> <li>Increased Insights with Intelligence Initiatives </li> <li>Extended Rules Engine Supporting Advanced Search Queries</li> <li>On-Prem 5.3 Release with Intelligence Initiatives and More</li> <li>Cybersecurity Insights Report and Blog Series</li> </ul> <p>Read more below to see what our incredible team has been working on this quarter.</p> <h2>Introducing Match in the Cloud</h2> <p>At the core of this new release is the hard work the team has done to introduce Match, Anomali’s big data threat detection engine, as a cloud-native deployment. By moving Match to the cloud, we’ve introduced new cloud capabilities that work together with existing ThreatStream and Lens capabilities in a cloud-native environment.</p> <p>With Match Cloud, we have unlocked our capability to ingest data from any telemetry source and access our global repository of threat intelligence to deliver high-performance indicator correlation at a rate of 190 trillion EPS.  </p> <p>With Match Cloud, customers can add internal log sources and telemetry freely, leveraging the power of resource-intensive technologies that improve overall effectiveness and efficiencies. </p> <p>Match is available in both cloud and on-premise deployment options. Take our <a href="{page_5837}">interactive tour</a> to learn more. </p> <h2>Announcing The Anomali Platform </h2> <p>As I mentioned above, moving Match to the cloud created synergistic threat detection and response capabilities in a cloud-native environment across the entire Anomali portfolio. With that, we’re able to offer fully cloud-native multi-tenant solutions that easily integrate into existing security tech stacks. </p> <p>We’re excited to introduce The Anomali Platform, a cloud-native extended detection and response (XDR) solution. The Anomali Platform is made up of critical components that work together to ingest security data from any telemetry source and correlate it with our global repository of threat intelligence to drive detection, prioritization, analysis, and response. </p> <p>Included in The Anomali Platform are:</p> <ul> <li>Anomali Match </li> <li>Anomali ThreatStream </li> <li>Anomali Lens </li> </ul> <p>By combining big data management, machine learning, and the world’s largest global threat intelligence repository, organizations can understand what’s happening inside and outside their network within seconds.</p> <p><a href="https://wwwlegacy.anomali.com/files/reviews/Impact-Brief-The-Anomali-Platform.pdf">Read</a> the Enterprise Management Associates (EMA) Impact Brief to see what they had to say about The Anomali Platform or take our <a href="https://www.anomali.com/products/interactive-tour">interactive tour</a> to learn more. And keep an eye out for our live event coming in Mid-April.</p> <h2>Increased Insights with Intelligence Initiatives </h2> <p>Since its release, Intelligence Initiatives have proven to be an effective tool in helping organizations align their intelligence goals and workflows around specific tasks.</p> <p>With this release, we’ve introduced more out of the box options that offer increased granularity and visibility, including:</p> <ul> <li>Granular Intelligence Requirements that enable users to associate intelligence and user activity with specific aspects of analyst work </li> <li>Built-in dashboards with additional insights and information for stakeholders about current Intelligence Initiatives</li> <li>Increased ability to associate ThreatStream entities to an Initiative, allowing an organization to attribute more of their work and research to chosen initiatives, including the attribution of intelligence from Sandbox detonations and manually imported intelligence</li> </ul> <p>This update is currently available as a Cloud-only update for ThreatStream customers until future appliance releases.</p> <h2>Extended Rules Engine Support with Advanced Search Queries</h2> <p>​​ThreatStream allows customers to manage the collection, curation, normalization, and integration of threat intelligence from many sources into your research and operational environments. With ThreatStreams’s rules functionality, users can closely monitor new and updated intelligence.</p> <p>In this release, we’ve added advanced search-based rules on threat entities, including the use of conditions and operators to enable users to obtain greater control in pinpointing the appropriate alerts for teams to manage their highest priority threat intelligence updates. It also allows a retrospective selection of intelligence updates based on new advanced-search rules. </p> <h2>On-Prem 5.3 Release with Intelligence Initiatives and More</h2> <p>It’s not all about the cloud, as this month also brings ThreatStream On-Prem customers a feature-rich release with v5.3, including:</p> <ul> <li>Advanced Saved Search functionality to Threat Models  and custom dashboards</li> <li>STIX TAXII server now provides immediate access to your local dataset [serving local observables only]</li> <li>Support for MITRE ATT&amp;CK Attack Patterns and MITRE Version management [up to v9, in Security Coverage and Investigations]</li> <li>Introduction of Intelligence Initiatives to represent organizational intelligence goals [for local intelligence via local initiatives]</li> <li>Organizational specific intelligence highlights when scanning pages with Lens, as well as Office 365 and PDF support for Lens+ customers</li> <li>Workgroup based dashboards displaying user activity  data broken down by workgroup</li> </ul> <h2>Cybersecurity Insights Report and Blog Series</h2> <p>Anomali recently released our Cybersecurity Insights Report 2022, which outlined key challenges enterprise organizations face daily. In addition to the report, readers can follow along with our new bi-weekly blog series as I explore the Top 10 Cybersecurity Challenges Enterprise Organization's Face and deep dive into each of them.</p> <p>You can read the first in the series <a href="https://www.anomali.com/blog/top-10-cybersecurity-challenges-enterprise-organizations-face">here</a> or <a href="https://www.anomali.com/resources/whitepapers/anomali-cybersecurity-insights-report?[…]utm_campaign=harris-poll&amp;utm_content=blog&amp;cid=7014z000001Ivxt">download the report</a> for more insights.</p> <p>Until next quarter, stay safe!</p>
Joe Ariganello

Joe Ariganello is the former VP of Product Marketing at Anomali.

Propel your mission with amplified visibility, analytics, and AI.

Learn how Anomali can help you cost-effectively improve your security posture.

February 28, 2022
-
Joe Ariganello
,

Anomali February Quarterly Product Release

<div data-aspectratio="1.66785714" id="experience-621cefaa34b77" style="position: relative;width: auto;padding: 0 0 59.96%;height: 0;top: 0;left: 0;bottom: 0;right: 0;margin: 0;border: 0 none"><iframe allowfullscreen="" class="ceros-experience" frameborder="0" scrolling="no" src="//view.ceros.com/anomali/novemberquarterlyreleasehighlights-2" style="position: absolute;top: 0;left: 0;bottom: 0;right: 0;margin: 0;padding: 0;border: 0 none;height: 1px;width: 1px;min-height: 100%;min-width: 100%" title="February Quarterly Release Highlights"></iframe></div> <script data-ceros-origin-domains="view.ceros.com" src="//view.ceros.com/scroll-proxy.min.js" type="text/javascript"></script> <p> </p> <p>Anomali has made its mark delivering Threat Intelligence powered detection and response with its ThreatStream, Match, and Lens portfolio. Now, we've expanded upon that leadership position by continuing to innovate and deliver the essential capabilities and XDR solutions our customers have been wanting.</p> <p>Key Highlights for this Quarter Include:</p> <ul> <li>Introducing Match in the Cloud</li> <li>Announcing The Anomali Platform</li> <li>Increased Insights with Intelligence Initiatives </li> <li>Extended Rules Engine Supporting Advanced Search Queries</li> <li>On-Prem 5.3 Release with Intelligence Initiatives and More</li> <li>Cybersecurity Insights Report and Blog Series</li> </ul> <p>Read more below to see what our incredible team has been working on this quarter.</p> <h2>Introducing Match in the Cloud</h2> <p>At the core of this new release is the hard work the team has done to introduce Match, Anomali’s big data threat detection engine, as a cloud-native deployment. By moving Match to the cloud, we’ve introduced new cloud capabilities that work together with existing ThreatStream and Lens capabilities in a cloud-native environment.</p> <p>With Match Cloud, we have unlocked our capability to ingest data from any telemetry source and access our global repository of threat intelligence to deliver high-performance indicator correlation at a rate of 190 trillion EPS.  </p> <p>With Match Cloud, customers can add internal log sources and telemetry freely, leveraging the power of resource-intensive technologies that improve overall effectiveness and efficiencies. </p> <p>Match is available in both cloud and on-premise deployment options. Take our <a href="{page_5837}">interactive tour</a> to learn more. </p> <h2>Announcing The Anomali Platform </h2> <p>As I mentioned above, moving Match to the cloud created synergistic threat detection and response capabilities in a cloud-native environment across the entire Anomali portfolio. With that, we’re able to offer fully cloud-native multi-tenant solutions that easily integrate into existing security tech stacks. </p> <p>We’re excited to introduce The Anomali Platform, a cloud-native extended detection and response (XDR) solution. The Anomali Platform is made up of critical components that work together to ingest security data from any telemetry source and correlate it with our global repository of threat intelligence to drive detection, prioritization, analysis, and response. </p> <p>Included in The Anomali Platform are:</p> <ul> <li>Anomali Match </li> <li>Anomali ThreatStream </li> <li>Anomali Lens </li> </ul> <p>By combining big data management, machine learning, and the world’s largest global threat intelligence repository, organizations can understand what’s happening inside and outside their network within seconds.</p> <p><a href="https://wwwlegacy.anomali.com/files/reviews/Impact-Brief-The-Anomali-Platform.pdf">Read</a> the Enterprise Management Associates (EMA) Impact Brief to see what they had to say about The Anomali Platform or take our <a href="https://www.anomali.com/products/interactive-tour">interactive tour</a> to learn more. And keep an eye out for our live event coming in Mid-April.</p> <h2>Increased Insights with Intelligence Initiatives </h2> <p>Since its release, Intelligence Initiatives have proven to be an effective tool in helping organizations align their intelligence goals and workflows around specific tasks.</p> <p>With this release, we’ve introduced more out of the box options that offer increased granularity and visibility, including:</p> <ul> <li>Granular Intelligence Requirements that enable users to associate intelligence and user activity with specific aspects of analyst work </li> <li>Built-in dashboards with additional insights and information for stakeholders about current Intelligence Initiatives</li> <li>Increased ability to associate ThreatStream entities to an Initiative, allowing an organization to attribute more of their work and research to chosen initiatives, including the attribution of intelligence from Sandbox detonations and manually imported intelligence</li> </ul> <p>This update is currently available as a Cloud-only update for ThreatStream customers until future appliance releases.</p> <h2>Extended Rules Engine Support with Advanced Search Queries</h2> <p>​​ThreatStream allows customers to manage the collection, curation, normalization, and integration of threat intelligence from many sources into your research and operational environments. With ThreatStreams’s rules functionality, users can closely monitor new and updated intelligence.</p> <p>In this release, we’ve added advanced search-based rules on threat entities, including the use of conditions and operators to enable users to obtain greater control in pinpointing the appropriate alerts for teams to manage their highest priority threat intelligence updates. It also allows a retrospective selection of intelligence updates based on new advanced-search rules. </p> <h2>On-Prem 5.3 Release with Intelligence Initiatives and More</h2> <p>It’s not all about the cloud, as this month also brings ThreatStream On-Prem customers a feature-rich release with v5.3, including:</p> <ul> <li>Advanced Saved Search functionality to Threat Models  and custom dashboards</li> <li>STIX TAXII server now provides immediate access to your local dataset [serving local observables only]</li> <li>Support for MITRE ATT&amp;CK Attack Patterns and MITRE Version management [up to v9, in Security Coverage and Investigations]</li> <li>Introduction of Intelligence Initiatives to represent organizational intelligence goals [for local intelligence via local initiatives]</li> <li>Organizational specific intelligence highlights when scanning pages with Lens, as well as Office 365 and PDF support for Lens+ customers</li> <li>Workgroup based dashboards displaying user activity  data broken down by workgroup</li> </ul> <h2>Cybersecurity Insights Report and Blog Series</h2> <p>Anomali recently released our Cybersecurity Insights Report 2022, which outlined key challenges enterprise organizations face daily. In addition to the report, readers can follow along with our new bi-weekly blog series as I explore the Top 10 Cybersecurity Challenges Enterprise Organization's Face and deep dive into each of them.</p> <p>You can read the first in the series <a href="https://www.anomali.com/blog/top-10-cybersecurity-challenges-enterprise-organizations-face">here</a> or <a href="https://www.anomali.com/resources/whitepapers/anomali-cybersecurity-insights-report?[…]utm_campaign=harris-poll&amp;utm_content=blog&amp;cid=7014z000001Ivxt">download the report</a> for more insights.</p> <p>Until next quarter, stay safe!</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.